[Rpm-maint] [rpm-software-management/rpm] RFE: add support for multiple OpenPGP signatures per package (Issue #3385)
Panu Matilainen
notifications at github.com
Thu Nov 7 09:44:27 UTC 2024
> The point was not about the correctness of our implementation of base64, but that the format should have only one canonical encoding any alternate encodings being rejected. It also makes the format more reproducible.
>
> When incorporating existing formats, it is suggested to use a format whose normal spec is strict in that regard.
If base64 is bad, what is good then? Plain hex better? I'm not particularly in love with base64, it's just a format we already have to deal with, and one that isn't as dumb as plain hex space-wise. For traditional signatures, space isn't critical because we're not expecting a single package to have hundreds of thousands of signatures. Are PQ signatures significantly bigger? (I've never seen one, I've no idea)
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3385#issuecomment-2461764746
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/3385/2461764746 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241107/16ca6555/attachment.html>
More information about the Rpm-maint
mailing list